Valverdeboy
Posts made by Valverdeboy
-
-
I was using AVG..
-
I made a rescue disk and it is gone for now, but is there anything else I could do to secure things?
-
Hello,
When I try to go to my Hotmail via Firefox, I suddenly get a white browser window when I click on Inbox; when I click on options etc. my browser also turns white. I can get in via IE, however, but I always work in Firefox, so I would like to have it back that way.
-
Emsisoft Emergency Kit - Versie 2.0
Laatste Update: 16-8-2012 22:29:06
Scaninstellingen:
Scantype: Diepe scan
Objecten: Rootkits, Geheugen, Sporen, C:\, D:\
Scan archieven: Aan
ADS Scan: Aan
Scan gestart: 16-8-2012 22:32:00
c:\program files\pacificpoker Ontdekt: Trace.File.pacific poker!E1
c:\program files\iwin Ontdekt: Trace.File.baby luv!E1
c:\users\stevens\appdata\roaming\pacificpoker\ Ontdekt: Trace.File.pacificpoker!E1
c:\program files\pacificpoker\ Ontdekt: Trace.File.pacificpoker!E1
c:\program files\pacificpoker\pv.exe Ontdekt: Trace.File.pacific poker!E1
c:\program files\pacificpoker\listproc.exe Ontdekt: Trace.File.pacific poker!E1
c:\program files\pacificpoker\processlist.txt Ontdekt: Trace.File.pacific poker!E1
c:\program files\pacificpoker\install.log Ontdekt: Trace.File.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> ip Ontdekt: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> ip1 Ontdekt: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> reconnection_timeout Ontdekt: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> reconnection_elapse Ontdekt: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> reconnection_not_response Ontdekt: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> mediapath Ontdekt: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> serial Ontdekt: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> test_data Ontdekt: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\sdl --> curr_ver Ontdekt: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\sdl --> s_ip Ontdekt: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\sdl --> upd_flag Ontdekt: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\sdl --> upd_ver Ontdekt: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\sdl --> upg_date Ontdekt: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pokerinstaller --> fullpath Ontdekt: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pokerinstaller --> installer_guid Ontdekt: Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pokerinstaller --> url_casino_2 Ontdekt: Trace.Registry.pacific poker!E1
Value: hkey_local_machine\software\freshgames\cubis2 --> apptitle Ontdekt: Trace.Registry.cubis gold 2!E1
Value: hkey_local_machine\software\freshgames\cubis2 --> appexe Ontdekt: Trace.Registry.cubis gold 2!E1
Value: hkey_local_machine\software\freshgames\cubis2 --> distributor Ontdekt: Trace.Registry.cubis gold 2!E1
Value: hkey_local_machine\software\freshgames\cubis2 --> id Ontdekt: Trace.Registry.cubis gold 2!E1
Value: hkey_local_machine\software\freshgames\cubis2 --> installpath Ontdekt: Trace.Registry.cubis gold 2!E1
Value: hkey_local_machine\software\freshgames\cubis2 --> shortcutpath Ontdekt: Trace.Registry.cubis gold 2!E1
Value: hkey_local_machine\software\freshgames\cubis2 --> version Ontdekt: Trace.Registry.cubis gold 2!E1
Key: hkey_current_user\software\pacificpoker Ontdekt: Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\casinopoker Ontdekt: Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\casinopoker\casino Ontdekt: Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\casinopoker\casino\init Ontdekt: Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\casinopoker\casino\sdl Ontdekt: Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\poker Ontdekt: Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\poker\init Ontdekt: Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\poker\sdl Ontdekt: Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pokerinstaller Ontdekt: Trace.Registry.pacificpoker!E1
Key: hkey_local_machine\software\trymedia systems Ontdekt: Trace.Registry.trymedia!E1
Key: hkey_local_machine\software\trymedia systems\activemark software Ontdekt: Trace.Registry.trymedia!E1
C:\Users\Stevens\AppData\Local\Temp\YontooSetup-Silent.exe Ontdekt: Adware.Win32.Yontoo.AMN!E1
C:\Users\Stevens\AppData\Local\Temp\YontooIEClient.dll Ontdekt: Adware.Win32.Yontoo.AMN!E1
C:\Users\Stevens\AppData\Local\MediaGet2\mediaget-uninstaller.exe Ontdekt: Riskware.Downloader.Win32.MediaGet.AMN!E1
C:\Users\Stevens\AppData\Local\MediaGet2\mediaget-admin-proxy.exe Ontdekt: Riskware.Downloader.Win32.MediaGet.AMN!E1
C:\Users\Stevens\AppData\Local\MediaGet2\libeay32.dll Ontdekt: Riskware.Downloader.Win32.MediaGet.AMN!E1
C:\Users\Stevens\AppData\Local\MediaGet2\libvlc.dll Ontdekt: Riskware.Downloader.Win32.MediaGet.AMN!E1
C:\Users\Stevens\AppData\Local\MediaGet2\mgiehook.dll Ontdekt: Riskware.Downloader.Win32.MediaGet.AMN!E1
C:\Users\Stevens\AppData\Local\MediaGet2\QtNetwork4.dll Ontdekt: Riskware.Downloader.Win32.MediaGet!E2
C:\Users\Stevens\AppData\Local\MediaGet2\libvlccore.dll Ontdekt: Riskware.Downloader.Win32.MediaGet.AMN!E1
C:\Users\Stevens\AppData\Local\MediaGet2\QtDeclarative4.dll Ontdekt: Riskware.Downloader.Win32.MediaGet!E2
C:\Users\Stevens\AppData\Local\MediaGet2\QtSql4.dll Ontdekt: Riskware.Downloader.Win32.MediaGet!E2
C:\Users\Stevens\AppData\Local\MediaGet2\QtScript4.dll Ontdekt: Riskware.Downloader.Win32.MediaGet!E2
C:\Users\Stevens\AppData\Local\MediaGet2\QtXml4.dll Ontdekt: Riskware.Downloader.Win32.MediaGet!E2
C:\Users\Stevens\AppData\Local\MediaGet2\ssleay32.dll Ontdekt: Riskware.Downloader.Win32.MediaGet.AMN!E1
C:\Users\Stevens\AppData\Local\MediaGet2\QtXmlPatterns4.dll Ontdekt: Riskware.Downloader.Win32.MediaGet!E2
C:\Users\Stevens\AppData\Local\MediaGet2\imageformats\qmng4.dll Ontdekt: Riskware.Downloader.Win32.MediaGet!E2
C:\ProgramData\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll Ontdekt: Adware.Win32.Yontoo.AMN!E1
C:\Program Files\Yontoo\YontooIEClient.dll Ontdekt: Adware.Win32.Yontoo.AMN!E1
C:\Program Files\TGAViewer\MyBabylonTB.exe Ontdekt: Riskware.Win32.Toolbar.Babylon.AMN!E1
C:\Program Files\GamingWonderland\bar\1.bin\gtPlugin.dll Ontdekt: Adware.Win32.Toolbar.MyWebSearch.AMN!E1
C:\Program Files\GamingWonderland\bar\1.bin\gtdatact.dll Ontdekt: Adware.Win32.Toolbar.MyWebSearch.AMN!E1
C:\Program Files\GamingWonderland\bar\1.bin\gthtmlmu.dll Ontdekt: Adware.Win32.Toolbar.MyWebSearch.AMN!E1
C:\Program Files\GamingWonderland\bar\1.bin\gtieovr.dll Ontdekt: Adware.Win32.Toolbar.MyWebSearch.AMN!E1
C:\Program Files\GamingWonderland\bar\1.bin\gtskin.dll Ontdekt: Adware.Win32.Toolbar.MyWebSearch.AMN!E1
C:\Program Files\GamingWonderland\bar\1.bin\T8HTML.DLL Ontdekt: Adware.Win32.Toolbar.MyWebSearch.AMN!E1
C:\Program Files\Codemasters\DiRT 3\paul.dll Ontdekt: Riskware.Crack!E2
C:\Program Files\Codemasters\DiRT 3\SKIDROW.dll Ontdekt: Riskware.Crack!E2
Gescand 750379
Gevonden 69
Scan geëindigd: 16-8-2012 23:38:39
Scantijd: 1:06:39
C:\Program Files\Codemasters\DiRT 3\paul.dll Verwijderd Riskware.Crack!E2
C:\Program Files\Codemasters\DiRT 3\SKIDROW.dll Verwijderd Riskware.Crack!E2
C:\Program Files\GamingWonderland\bar\1.bin\gtPlugin.dll Verwijderd Adware.Win32.Toolbar.MyWebSearch.AMN!E1
C:\Program Files\GamingWonderland\bar\1.bin\gtdatact.dll Verwijderd Adware.Win32.Toolbar.MyWebSearch.AMN!E1
C:\Program Files\GamingWonderland\bar\1.bin\gthtmlmu.dll Verwijderd Adware.Win32.Toolbar.MyWebSearch.AMN!E1
C:\Program Files\GamingWonderland\bar\1.bin\gtieovr.dll Verwijderd Adware.Win32.Toolbar.MyWebSearch.AMN!E1
C:\Program Files\GamingWonderland\bar\1.bin\gtskin.dll Verwijderd Adware.Win32.Toolbar.MyWebSearch.AMN!E1
C:\Program Files\GamingWonderland\bar\1.bin\T8HTML.DLL Verwijderd Adware.Win32.Toolbar.MyWebSearch.AMN!E1
C:\Program Files\TGAViewer\MyBabylonTB.exe Verwijderd Riskware.Win32.Toolbar.Babylon.AMN!E1
C:\Users\Stevens\AppData\Local\MediaGet2\QtNetwork4.dll Verwijderd Riskware.Downloader.Win32.MediaGet!E2
C:\Users\Stevens\AppData\Local\MediaGet2\QtDeclarative4.dll Verwijderd Riskware.Downloader.Win32.MediaGet!E2
C:\Users\Stevens\AppData\Local\MediaGet2\QtSql4.dll Verwijderd Riskware.Downloader.Win32.MediaGet!E2
C:\Users\Stevens\AppData\Local\MediaGet2\QtScript4.dll Verwijderd Riskware.Downloader.Win32.MediaGet!E2
C:\Users\Stevens\AppData\Local\MediaGet2\QtXml4.dll Verwijderd Riskware.Downloader.Win32.MediaGet!E2
C:\Users\Stevens\AppData\Local\MediaGet2\QtXmlPatterns4.dll Verwijderd Riskware.Downloader.Win32.MediaGet!E2
C:\Users\Stevens\AppData\Local\MediaGet2\imageformats\qmng4.dll Verwijderd Riskware.Downloader.Win32.MediaGet!E2
C:\Users\Stevens\AppData\Local\MediaGet2\mediaget-uninstaller.exe Verwijderd Riskware.Downloader.Win32.MediaGet.AMN!E1
C:\Users\Stevens\AppData\Local\MediaGet2\mediaget-admin-proxy.exe Verwijderd Riskware.Downloader.Win32.MediaGet.AMN!E1
C:\Users\Stevens\AppData\Local\MediaGet2\libeay32.dll Verwijderd Riskware.Downloader.Win32.MediaGet.AMN!E1
C:\Users\Stevens\AppData\Local\MediaGet2\libvlc.dll Verwijderd Riskware.Downloader.Win32.MediaGet.AMN!E1
C:\Users\Stevens\AppData\Local\MediaGet2\mgiehook.dll Verwijderd Riskware.Downloader.Win32.MediaGet.AMN!E1
C:\Users\Stevens\AppData\Local\MediaGet2\libvlccore.dll Verwijderd Riskware.Downloader.Win32.MediaGet.AMN!E1
C:\Users\Stevens\AppData\Local\MediaGet2\ssleay32.dll Verwijderd Riskware.Downloader.Win32.MediaGet.AMN!E1
C:\Users\Stevens\AppData\Local\Temp\YontooSetup-Silent.exe Verwijderd Adware.Win32.Yontoo.AMN!E1
C:\Users\Stevens\AppData\Local\Temp\YontooIEClient.dll Verwijderd Adware.Win32.Yontoo.AMN!E1
C:\ProgramData\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll Verwijderd Adware.Win32.Yontoo.AMN!E1
C:\Program Files\Yontoo\YontooIEClient.dll Verwijderd Adware.Win32.Yontoo.AMN!E1
Key: hkey_local_machine\software\trymedia systems Verwijderd Trace.Registry.trymedia!E1
Key: hkey_local_machine\software\trymedia systems\activemark software Verwijderd Trace.Registry.trymedia!E1
Key: hkey_current_user\software\pacificpoker Verwijderd Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\casinopoker Verwijderd Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\casinopoker\casino Verwijderd Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\casinopoker\casino\init Verwijderd Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\casinopoker\casino\sdl Verwijderd Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\poker Verwijderd Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\poker\init Verwijderd Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pacificpoker\poker\sdl Verwijderd Trace.Registry.pacificpoker!E1
Key: hkey_current_user\software\pokerinstaller Verwijderd Trace.Registry.pacificpoker!E1
Value: hkey_local_machine\software\freshgames\cubis2 --> apptitle Verwijderd Trace.Registry.cubis gold 2!E1
Value: hkey_local_machine\software\freshgames\cubis2 --> appexe Verwijderd Trace.Registry.cubis gold 2!E1
Value: hkey_local_machine\software\freshgames\cubis2 --> distributor Verwijderd Trace.Registry.cubis gold 2!E1
Value: hkey_local_machine\software\freshgames\cubis2 --> id Verwijderd Trace.Registry.cubis gold 2!E1
Value: hkey_local_machine\software\freshgames\cubis2 --> installpath Verwijderd Trace.Registry.cubis gold 2!E1
Value: hkey_local_machine\software\freshgames\cubis2 --> shortcutpath Verwijderd Trace.Registry.cubis gold 2!E1
Value: hkey_local_machine\software\freshgames\cubis2 --> version Verwijderd Trace.Registry.cubis gold 2!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> ip Verwijderd Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> ip1 Verwijderd Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> reconnection_timeout Verwijderd Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> reconnection_elapse Verwijderd Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> reconnection_not_response Verwijderd Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> mediapath Verwijderd Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> serial Verwijderd Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\init --> test_data Verwijderd Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\sdl --> curr_ver Verwijderd Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\sdl --> s_ip Verwijderd Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\sdl --> upd_flag Verwijderd Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\sdl --> upd_ver Verwijderd Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pacificpoker\poker\sdl --> upg_date Verwijderd Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pokerinstaller --> fullpath Verwijderd Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pokerinstaller --> installer_guid Verwijderd Trace.Registry.pacific poker!E1
Value: hkey_current_user\software\pokerinstaller --> url_casino_2 Verwijderd Trace.Registry.pacific poker!E1
c:\users\stevens\appdata\roaming\pacificpoker\ Verwijderd Trace.File.pacificpoker!E1
c:\program files\pacificpoker\ Verwijderd Trace.File.pacificpoker!E1
c:\program files\iwin Verwijderd Trace.File.baby luv!E1
Verwijderd 64
Still the same problem
-
No, and I made the log as administrator
-
HiJackThis Log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:46:09, on 16-8-2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Safe mode with network support
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Stevens\Desktop\HijackThis.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKCU\..\Run: [spotify] "C:\Users\Stevens\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [MediaGet2] C:\Users\Stevens\AppData\Local\MediaGet2\mediaget.exe --minimized
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Stevens\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Stevens\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [WUDFPlatform] C:\Users\Stevens\AppData\Local\Microsoft\Windows\709\WUDFPlatform.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: PokerStars.be - {878AC5FC-BE78-4bae-896C-7F75B790A71E} - C:\Program Files\PokerStars.BE\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\Windows\System32\appdrvrem01.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files\iWin Games\iWinTrusted.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 6625 bytes
Malware:
Malwarebytes Anti-Malware 1.62.0.1300
Malwarebytes : Free anti-malware download
Databaseversie: v2012.08.16.05
Windows 7 x86 NTFS (Veilige modus/netwerkmogelijkheden)
Internet Explorer 9.0.8112.16421
Stevens :: STEVENS-PC [administrator]
16-8-2012 12:34:16
mbam-log-2012-08-16 (12-34-16).txt
Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 214738
Verstreken tijd: 3 minuut/minuten, 12 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 12
HKLM\SYSTEM\CurrentControlSet\Services\GamingWonderlandService (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\CLSID\{08fbcb5f-de4f-49e0-977e-e4269f4d7206} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\TypeLib\{8b4c0e7e-23f4-419f-814e-957e905c31f3} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\Interface\{0DB657AC-FA16-4F01-AADF-023D29F75D62} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\GamingWonderland.SettingsPlugin.1 (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\GamingWonderland.SettingsPlugin (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08FBCB5F-DE4F-49E0-977E-E4269F4D7206} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GamingWonderlandbar Uninstall (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCR\CLSID\{7c8f8fe5-9785-4f74-bcf8-895ef9752d97} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C8F8FE5-9785-4F74-BCF8-895EF9752D97} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7C8F8FE5-9785-4F74-BCF8-895EF9752D97} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7C8F8FE5-9785-4F74-BCF8-895EF9752D97} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
Registerwaarden gedetecteerd: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|GamingWonderland Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~1\GAMING~2\bar\1.bin\gtsrchmn.exe" /m=2 /w /h -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|GamingWonderland Browser Plugin Loader (PUP.MyWebSearch) -> Data: C:\PROGRA~1\GAMING~2\bar\1.bin\gtbrmon.exe -> Succesvol in quarantaine geplaatst en verwijderd.
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 5
C:\Program Files\GamingWonderland\bar\1.bin\gtSrchMn.exe (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\GamingWonderland\bar\1.bin\gtbrmon.exe (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\GamingWonderland\bar\1.bin\gtbarsvc.exe (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\GamingWonderland\bar\1.bin\gtbar.dll (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Stevens\Downloads\ellie_goulding__lights_us_version_2011.exe (PUP.Adware.MediaGet) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
However, I still cannot start the computer outside safe mode...
-
Hello,
My computer is blocked with the following message:
"Der computer ist für die Verletzung der Gesetze vol Belgien wurde blockiert".
Could you please help me further?
Below are a HijackThis log, a Malwarebytes Anti-Malware log and a dds.txt log.
Many thanks in advance!
HijackThis log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:17:33, on 15-8-2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Safe mode with network support
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Stevens\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MyWebSearch Home Page
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\prxtbBitt.dll
R3 - URLSearchHook: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files\iWin\prxtbiWin.dll
R3 - URLSearchHook: (no name) - {a8625cb7-85fe-4936-92a4-b2a7c925209e} - C:\Program Files\GamingWonderland\bar\1.bin\gtSrcAs.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BittorrentBar_NL - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\prxtbBitt.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Toolbar BHO - {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} - C:\PROGRA~1\GAMING~2\bar\1.bin\gtbar.dll
O2 - BHO: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files\iWin Games\iWinGamesHookIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Search Assistant BHO - {ab5d199e-9659-47a2-930b-fc3b69061353} - C:\Program Files\GamingWonderland\bar\1.bin\gtSrcAs.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\2.0.1.82\oberontb.dll
O2 - BHO: iWin - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files\iWin\prxtbiWin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O3 - Toolbar: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\prxtbBitt.dll
O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\2.0.1.82\oberontb.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: iWin Toolbar - {ce0c2586-da36-452b-acdb-320d9bcb19bf} - C:\Program Files\iWin\prxtbiWin.dll
O3 - Toolbar: GamingWonderland - {a899079d-206f-43a6-be6a-07e0fa648ea0} - C:\Program Files\GamingWonderland\bar\1.bin\gtbar.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GamingWonderland Search Scope Monitor] "C:\PROGRA~1\GAMING~2\bar\1.bin\gtsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [GamingWonderland Browser Plugin Loader] C:\PROGRA~1\GAMING~2\bar\1.bin\gtbrmon.exe
O4 - HKCU\..\Run: [spotify] "C:\Users\Stevens\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [searchEngineProtection] C:\Program Files\Gamesbar\SearchEngineProtection.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [MediaGet2] C:\Users\Stevens\AppData\Local\MediaGet2\mediaget.exe --minimized
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Stevens\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Stevens\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [WUDFPlatform] C:\Users\Stevens\AppData\Local\Microsoft\Windows\709\WUDFPlatform.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\2.0.1.82\oberontb.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\2.0.1.82\oberontb.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: PokerStars.be - {878AC5FC-BE78-4bae-896C-7F75B790A71E} - C:\Program Files\PokerStars.BE\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\Windows\System32\appdrvrem01.exe
O23 - Service: GamingWonderlandService - COMPANYVERS_NAME - C:\PROGRA~1\GAMING~2\bar\1.bin\gtbarsvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files\iWin Games\iWinTrusted.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 9510 bytes
-
Hi, I bought a new 23.6' screen today. But when I move the mouse to the right I can keep going and it does not come back. After a print screen, however, I saw that it looked as if I had 2 screens.
Photo:
Thanks in advance
U-Kash Virus
in Archive: Fighting malware & viruses
Posted:
Indeed, is BullGuard good?